<?php

require_once '../include/common.inc.php';

// Admin-only page: a caller that fails checkAdmin() is redirected to the index
// and the script stops here, before any form handling or output takes place.
if (!checkAdmin()) {
    header('LOCATION:index.php');
    exit;
}

// Page chrome values. They are not read again in this file.
// NOTE(review): presumably consumed by the templates required at the bottom; confirm.
$alert_message = '';
$guide_message = 'User | User Manage | User Add';
$page_title = 'JANSEN';
$menu_index = 2;

// Import the "add user" form fields through getMyParam(), in the original order.
// NOTE(review): getMyParam() is defined elsewhere. The code below reads $action,
// $name, $pwd, ... so it presumably publishes each request parameter as a
// variable of the same name. Treat all of them as untrusted input and confirm
// what, if anything, getMyParam() sanitises.
foreach (
    ['action', 'name', 'truename', 'pwd', 'retype_pwd', 'email', 'tel', 'fax', 'user_type'] as $requestField
) {
    getMyParam($requestField);
}
unset($requestField); // do not leave the loop variable behind in the global scope

// The form's placeholder text counts as "no name entered".
$name = ($name != 'Enter name ...') ? $name : '';

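// Handle the submitted "add user" form: validate every field, then insert the row
// and redirect to the user list. Every value checked here comes from the request.
if ($action == "add") {
    // Each failed check overwrites $alert_message, so when several fields are
    // invalid only the message of the last failing check is kept.
    if (strlen($name) < 2 || strlen($name) > 32) {
        // The message now states both bounds that the condition enforces.
        $alert_message = 'Your name must be between 2 and 32 characters.';
    }
    if (strlen($truename) > 60) {
        $alert_message = 'Your True name must be no more than 60 characters.';
    }
    if (trim($pwd) == "" || trim($retype_pwd) == "") {
        $alert_message = "Please enter password.";
    } elseif (strlen($pwd) > 32) {
        $alert_message = "Your password must be no more than 32 characters.";
    } elseif ((string) $pwd !== (string) $retype_pwd) {
        // Strict string comparison: with a loose != two different numeric-looking
        // passwords (for example "1e3" and "1000") compare as equal.
        $alert_message = "The passwords you entered did not match.";
    }
    // Anchored with \A and \z so the whole value has to be an address. The
    // unanchored pattern accepted any string that merely contained one, which
    // let quotes and other arbitrary text through to the query below.
    if (!preg_match('/\A\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*\z/i', $email)) {
        $alert_message = "Invalid Email.";
    }
    if (strlen($tel) > 60) {
        $alert_message = 'Your tel name must be no more than 60 characters.';
    }
    if (strlen($fax) > 60) {
        $alert_message = 'Your fax name must be no more than 60 characters.';
    }

    if ($alert_message == "") {
        // NOTE(review): SQL injection risk. Apart from $email, the checks above
        // limit length only, and $user_type is not checked at all, yet every value
        // is interpolated into the statement. Unless getMyParam() escapes for this
        // database, move this to a prepared statement or to the escaping helper of
        // the $db wrapper; its API is not visible in this file, so the query is
        // left as it was.
        // NOTE(review): md5() is unsalted and fast, which makes it unsuitable for
        // password storage. Moving to password_hash()/password_verify() also needs
        // the login check and probably the column width changed, so it is flagged
        // here rather than changed.
        $sql = "INSERT INTO `user` (`username`, `password`, `name`, `tel`, `fax`, `email`, `type`) VALUES ('$name', '" . md5($pwd) . "', '$truename', '$tel', '$fax', '$email', '$user_type')";
        $db->query($sql);
        header("LOCATION:u_manage.php");
        // Stop after the redirect, as the admin check at the top of the file does;
        // without this the script went on to require the form templates as well.
        exit;
    }
}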

// Render the page: pull in admin/menu_list.php, then require the header, the
// "add user" form and the footer, in that order. These files are included at
// the top level, so they see this script's variables.
// NOTE(review): if the form template re-displays $name, $email, ... or
// $alert_message, it has to HTML-escape them; the templates are not visible here.
include_once(JANSEN_ROOT . 'admin/menu_list.php');
// PrintEot() is defined elsewhere; whatever it returns is used as the path to
// require. The names passed here are fixed literals, not request data.
require_once PrintEot('a_header');
require_once PrintEot('a_u_manage_add');
require_once PrintEot('a_footer');

?>